#! /bin/sh
# $OpenLDAP$
## This work is part of OpenLDAP Software <http://www.openldap.org/>.
##
## Copyright 1998-2024 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## <http://www.OpenLDAP.org/license.html>.

echo "running defines.sh"
. $SRCDIR/scripts/defines.sh

mkdir -p $TESTDIR $DBDIR1 $DBDIR2

$SLAPPASSWD -g -n >$CONFIGPWF
echo "rootpw `$SLAPPASSWD -T $CONFIGPWF`" >$TESTDIR/configpw.conf

if test $AC_lloadd = lloaddyes ; then
    echo "Load balancer module not available, skipping..."
    exit 0
fi

# lloadd implements a broad interpretation of the Notice of Disconnection when
# it relates to closing the connection:
# - as a server, once it decides to send one, if there are operations still
#   pending, the connection is kept open so those can be sent to the client,
#   should it wish to stick around
# - as a client, if a NoD is received, it can choose to (and lloadd does) stick
#   around for the remaining operations to be resolved
#
# All of the above is completely voluntary, either side is still free to close
# the connection at any point, instigate any timeout logic it sees fit etc. The
# client *should not* however expect any new requests be accepted on this
# connection - the connection is being closed after all.
#
# The test works as follows:
# - we configure two load balancer, one pointing to another with 2 upstream
#   connection to a slapd that enables syncprov
# - a syncrepl refreshAndPersist connection is started against the front one
# - a syncrepl refreshAndPersist connection is started against the rear one
# - we confirm the client and upstream connections involved as far as each
#   lloadd/syncrepl session is concerned (because we use tier roundrobin, they
#   will be allocated to separate upstreams)
# - we tell the rear lloadd to "close" the client connection, the connection
#   still has a live operation (the syncrepl session), so a NoD is sent but
#   connection is kept open, ldapsearch will receive the NoD and close the
#   connection immediately
# - we tell the rear lloadd to "close" the front lloadd's connection, same
#   thing happens but unlike ldapsearch, lloadd will keep it alive in "closing"
#   state (there is an operation pending) and the ldapsearch will be none the
#   wiser
# - we tell the rear lloadd to "close" the upstream connection to the slapd,
#   this terminates the syncrepl session, meaning the related "closing"
#   connections can terminate (and ldapsearch will close its)
# - we make sure all of the affected connections no longer exist in cn=monitor
#
# This is much more complicated that it needs to be but as much as we can do
# without direct control over the client LDAP.

echo "Running slapadd to build slapd database..."
. $CONFFILTER $BACKEND < $SRPROVIDERCONF > $CONF3
$SLAPADD -f $CONF3 -l $LDIFORDERED
RC=$?
if test $RC != 0 ; then
    echo "slapadd failed ($RC)!"
    exit $RC
fi

echo "Running slapindex to index slapd database..."
$SLAPINDEX -f $CONF3
RC=$?
if test $RC != 0 ; then
    echo "warning: slapindex failed ($RC)"
    echo "  assuming no indexing support"
fi

echo "Starting slapd on TCP/IP port $PORT3..."
$SLAPD -f $CONF3 -h $URI3 -d $LVL > $LOG3 2>&1 &
PID=$!
if test $WAIT != 0 ; then
    echo PID3 $PID
    read foo
fi
PID3="$PID"
KILLPIDS="$PID"

echo "Testing slapd searching..."
for i in 0 1 2 3 4 5; do
    $LDAPSEARCH -s base -b "$MONITOR" -H $URI3 \
        '(objectclass=*)' > /dev/null 2>&1
    RC=$?
    if test $RC = 0 ; then
        break
    fi
    echo "Waiting $SLEEP1 seconds for slapd to start..."
    sleep $SLEEP1
done
if test $RC != 0 ; then
    echo "ldapsearch failed ($RC)!"
    test $KILLSERVERS != no && kill -HUP $KILLPIDS
    exit $RC
fi

echo "Starting rear lloadd on TCP/IP port $PORT2..."
. $CONFFILTER $BACKEND < $LLOADDEMPTYCONF > $CONF2.lloadd
sed -e 's/URI1/URI2/g' -e 's/slapd\.1\./slapd.2./g' $SLAPDLLOADCONF | . $CONFFILTER $BACKEND > $CONF2.slapd
$SLAPD -f $CONF2.slapd -h $URI5 -d $LVL > $LOG2 2>&1 &
PID=$!
if test $WAIT != 0 ; then
    echo REARPID $PID
    read foo
fi
REARPID="$PID"
KILLPIDS="$KILLPIDS $PID"

echo "Testing slapd searching..."
for i in 0 1 2 3 4 5; do
    $LDAPSEARCH -s base -b "$MONITOR" -H $URI5 \
        '(objectclass=*)' > /dev/null 2>&1
    RC=$?
    if test $RC = 0 ; then
        break
    fi
    echo "Waiting $SLEEP1 seconds for lloadd to start..."
    sleep $SLEEP1
done

if test $RC != 0 ; then
    echo "ldapsearch failed ($RC)!"
    test $KILLSERVERS != no && kill -HUP $KILLPIDS
    exit $RC
fi

echo "Configuring load balancing..."
$LDAPMODIFY -D cn=config -H $URI5 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1
dn: olcDatabase={1}monitor,cn=config
changetype: modify
add: olcRootDN
olcRootDN: cn=config

dn: cn=main,olcBackend={0}lload,cn=config
changetype: add
objectClass: olcBkLloadTierConfig
olcBkLloadTierType: roundrobin

dn: cn=slapd,cn={0}main,olcBackend={0}lload,cn=config
changetype: add
objectClass: olcBkLloadBackendConfig
olcBkLloadBackendUri: $URI3
olcBkLloadMaxPendingConns: 3
olcBkLloadMaxPendingOps: 5
olcBkLloadRetry: 1000
olcBkLloadNumconns: 2
olcBkLloadBindconns: 2
EOF
RC=$?
if test $RC != 0 ; then
    echo "ldapadd failed for backend ($RC)!"
    test $KILLSERVERS != no && kill -HUP $KILLPIDS
    exit $RC
fi

echo "Testing slapd searching..."
for i in 0 1 2 3 4 5; do
    $LDAPSEARCH -s base -b "$MONITOR" -H $URI2 \
        '(objectclass=*)' > /dev/null 2>&1
    RC=$?
    if test $RC = 0 ; then
        break
    fi
    echo "Waiting $SLEEP1 seconds for lloadd to start..."
    sleep $SLEEP1
done

if test $RC != 0 ; then
    echo "ldapsearch failed ($RC)!"
    test $KILLSERVERS != no && kill -HUP $KILLPIDS
    exit $RC
fi

echo "Starting front lloadd on TCP/IP port $PORT1..."
. $CONFFILTER $BACKEND < $LLOADDEMPTYCONF > $CONF1.lloadd
. $CONFFILTER $BACKEND < $SLAPDLLOADCONF > $CONF1.slapd
$SLAPD -f $CONF1.slapd -h $URI4 -d $LVL > $LOG1 2>&1 &
PID=$!
if test $WAIT != 0 ; then
    echo FRONTPID $PID
    read foo
fi
FRONTPID="$PID"
KILLPIDS="$KILLPIDS $PID"

echo "Testing slapd searching..."
for i in 0 1 2 3 4 5; do
    $LDAPSEARCH -s base -b "$MONITOR" -H $URI4 \
        '(objectclass=*)' > /dev/null 2>&1
    RC=$?
    if test $RC = 0 ; then
        break
    fi
    echo "Waiting $SLEEP1 seconds for lloadd to start..."
    sleep $SLEEP1
done

if test $RC != 0 ; then
    echo "ldapsearch failed ($RC)!"
    test $KILLSERVERS != no && kill -HUP $KILLPIDS
    exit $RC
fi

echo "Configuring load balancing..."
$LDAPMODIFY -D cn=config -H $URI4 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1
dn: olcDatabase={1}monitor,cn=config
changetype: modify
add: olcRootDN
olcRootDN: cn=config

dn: cn=main,olcBackend={0}lload,cn=config
changetype: add
objectClass: olcBkLloadTierConfig
olcBkLloadTierType: roundrobin

dn: cn=lloadd,cn={0}main,olcBackend={0}lload,cn=config
changetype: add
objectClass: olcBkLloadBackendConfig
olcBkLloadBackendUri: $URI2
olcBkLloadMaxPendingConns: 3
olcBkLloadMaxPendingOps: 5
olcBkLloadRetry: 1000
olcBkLloadNumconns: 2
olcBkLloadBindconns: 2
EOF
RC=$?
if test $RC != 0 ; then
    echo "ldapadd failed for backend ($RC)!"
    test $KILLSERVERS != no && kill -HUP $KILLPIDS
    exit $RC
fi

echo "Testing slapd searching..."
for i in 0 1 2 3 4 5; do
    $LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \
        '(objectclass=*)' > /dev/null 2>&1
    RC=$?
    if test $RC = 0 ; then
        break
    fi
    echo "Waiting $SLEEP1 seconds for lloadd to start..."
    sleep $SLEEP1
done

if test $RC != 0 ; then
    echo "ldapsearch failed ($RC)!"
    test $KILLSERVERS != no && kill -HUP $KILLPIDS
    exit $RC
fi

echo "Starting syncrepl searches and getting connection coordinates..."
# Make sure file exists so "tail" winning the race doesn't cause an error
: >$SEARCHOUT
# Front lloadd
$LDAPSEARCH -H $URI1 -b "$BASEDN" -s base 1.1 -E '!sync=rp' >$SEARCHOUT 2>&1 &
SYNCPID1=$!
KILLPIDS="$KILLPIDS $SYNCPID1"

# Wait for the session to progress to persist phase
tail -f "$SEARCHOUT" | grep -q '^dn:'

SYNCCONN_FRONT=`$LDAPSEARCH -o ldif-wrap=no -H $URI4 \
    -b "cn=Incoming Connections,cn=Load Balancer,cn=Backends,cn=monitor" \
    "olmPendingOps=1" 1.1 | grep -v '^$' | sed -e 's/^dn: //'`

if test -z "$SYNCCONN_FRONT" ; then
    echo "Connection not found in cn=monitor"
    test $KILLSERVERS != no && kill -HUP $KILLPIDS
    exit 1
fi

CONN_INTER=`$LDAPSEARCH -o ldif-wrap=no -H $URI5 \
    -b "cn=Incoming Connections,cn=Load Balancer,cn=Backends,cn=monitor" \
    "olmPendingOps=1" 1.1 | grep -v '^$' | sed -e 's/^dn: //'`

if test -z "$CONN_INTER" ; then
    echo "Connection not found in cn=monitor"
    test $KILLSERVERS != no && kill -HUP $KILLPIDS
    exit 1
fi

# Make sure file exists so "tail" winning the race doesn't cause an error
: >$SEARCHOUT2
# Rear lloadd
$LDAPSEARCH -H $URI2 -b "$BASEDN" -s base 1.1 -E '!sync=rp' >$SEARCHOUT2 2>&1 &
SYNCPID2=$!
KILLPIDS="$KILLPIDS $SYNCPID2"

# Wait for the session to progress to persist phase
tail -f "$SEARCHOUT2" | grep -q '^dn:'

# Need to distinguish between the two connections, so we use the binddn for it
SYNCCONN_REAR=`$LDAPSEARCH -o ldif-wrap=no -H $URI5 \
    -b "cn=Incoming Connections,cn=Load Balancer,cn=Backends,cn=monitor" \
    "(&(olmPendingOps=1)(!(olmConnectionAuthzDN=*)))" 1.1 | \
    grep -v '^$' | sed -e 's/^dn: //'`

if test -z "$SYNCCONN_REAR" ; then
    echo "Connection not found in cn=monitor"
    test $KILLSERVERS != no && kill -HUP $KILLPIDS
    exit 1
fi

echo "Letting one change replicate to both clients to prove it was live at this point..."

$LDAPMODIFY -D "$MANAGERDN" -H $URI3 -w $PASSWD <<EOMOD >> $TESTOUT 2>&1
dn: $BASEDN
changetype: modify
delete: o
o: EX
EOMOD

echo "Marking the first connection closed..."

$LDAPMODIFY -D cn=config -y $CONFIGPWF -H $URI5 <<EOMOD >> $TESTOUT 2>&1
dn: $SYNCCONN_REAR
changetype: modify
replace: olmConnectionState
olmConnectionState: closing
EOMOD
RC=$?
if test $RC != 0 ; then
    echo "ldapmodify failed ($RC)!"
    test $KILLSERVERS != no && kill -HUP $KILLPIDS
    exit $RC
fi

wait $SYNCPID2
KILLPIDS=`echo " $KILLPIDS " | sed -e "s/ $SYNCPID2 / /"`

$LDAPMODIFY -D cn=config -y $CONFIGPWF -H $URI5 <<EOMOD >> $TESTOUT 2>&1
dn: $CONN_INTER
changetype: modify
replace: olmConnectionState
olmConnectionState: closing
EOMOD
RC=$?
if test $RC != 0 ; then
    echo "ldapmodify failed ($RC)!"
    test $KILLSERVERS != no && kill -HUP $KILLPIDS
    exit $RC
fi

kill -0 "$SYNCPID1"
RC=$?
if test $RC != 0 ; then
    wait "$SYNCPID1"
    RC=$?
    echo "ldapsearch ended prematurely ($RC)!"
    test $KILLSERVERS != no && kill -HUP $KILLPIDS
    exit 1
fi

echo "Letting a second change replicate to the remaining client to prove it was live at this point..."

$LDAPMODIFY -D "$MANAGERDN" -H $URI3 -w $PASSWD <<EOMOD >> $TESTOUT 2>&1
dn: $BASEDN
changetype: modify
add: o
o: EX
EOMOD

# let the change propagate
sleep $SLEEP0

kill -HUP $PID3
KILLPIDS=`echo " $KILLPIDS " | sed -e "s/ $PID3 / /"`

wait "$PID3"

echo "Waiting for the syncrepl session to finish"
wait "$SYNCPID1"
KILLPIDS=`echo " $KILLPIDS " | sed -e "s/ $SYNCPID1 / /"`

$LDAPCOMPARE -H $URI5 "$CONN_INTER" olmConnectionState:dying >>$TESTOUT 2>&1
RC=$?
case $RC in
32)
    # Connection is gone as expected
    ;;
5)
    # Connection is still dying, are we really that lucky?
    ;;
6)
    # Connection is still closing? But there are no ops on it!
    echo "Connection between lloadds is still alive when it shouldn't!"
    test $KILLSERVERS != no && kill -HUP $KILLPIDS
    exit 1
    ;;
*)
    echo "ldapcompare failed ($RC)!"
    test $KILLSERVERS != no && kill -HUP $KILLPIDS
    exit 1
    ;;
esac

test $KILLSERVERS != no && kill -HUP $KILLPIDS

MSGCOUNT=`grep -c '^dn: ' $SEARCHOUT`
if test $MSGCOUNT != 3 ; then
    echo "Unexpected number of syncrepl messages received from front lloadd! ($MSGCOUNT != 3)"
    exit 1
fi

MSGCOUNT=`grep -c '^dn: ' $SEARCHOUT2`
if test $MSGCOUNT != 2 ; then
    echo "Unexpected number of syncrepl messages received from rear lloadd! ($MSGCOUNT != 2)"
    exit 1
fi

echo ">>>>> Test succeeded"

test $KILLSERVERS != no && wait

exit 0
